Reverse engineering techniques to find security bugs: A case study of the ANI
Google EngEDU
1 hr 1 min – May 22, 2007
Google Tech Talks
May 21, 2007
Alex Sotirov is a vulnerability engineer at Determina. He will discuss some of the latest techniques in reverse engineering software to find vulnerabilities. In particular, he’ll discuss the technique that led him to find the ANI bug (a critical new bug in WinXP and Vista).
Alex will describe the tools he uses for reverse engineering and show how he reverse engineered the ANI bug. He will then discuss Windows security mechanisms (ASLR, /GS) and describe how the ANI exploit bypasses them.
Security is Broken
Google engEDU
1 hr 10 min – Oct 11, 2006
Google Tech Talks
October 11, 2006
Rik Farrow
ABSTRACT
Our computer security model is broken. Worse yet, it never really has worked at all well, and is even less suitable for today’s uses. In this talk, I explore the history behind the design of the current security both in hardware and operating systems. Instead of evolving a more secure model over time, system designers have actually managed to make things worse, creating insecurity in depth. Most of today’s systems are single user machines: certainly desktops and laptops, but also most servers. The current security model was not designed to protect users from themselves, and this goes a long way towards understanding why security is so difficult. I end by looking at strategies for improving security — but no real solutions. The point is to start thinking outside of the box, while adopting best practices today. What we have done in the past has not worked, and can not work. We need to look at the security model in a new way, and that is the real point of this presentation.
Elkhound, Elsa and Cqual++: Open-Source Static Analysis for C++
Google engEDU
42 min – Apr 14, 2006
Google TechTalks
April 11, 2006
Scott McPeak
ABSTRACT
This talk will cover three pieces of infrastructure for writing static analyses for C++. All are available as open source. Elkhound is a Generalized LR (GLR) parser generator. Its input is a grammar augmented with reduction actions written in C++. The GLR algorithm works with any context-free grammar, even ambiguous grammars. The user provides additional actions to resolve ambiguities that may arise during parsing. Elsa is a C++ parser written using Elkhound. It solves many of the classic parsing challenges of C and C++ by using an ambiguous grammar, delaying much of the disambiguation until the type checking phase.
Not only does this lead to a cleaner design, the use of a parsing grammar lends itself naturally to language extensions, grammar fragments that pertain to specific language dialects (for example, GCC extensions). The use of extensions is ideal in a research setting. Finally, Cqual++ is a static analysis tool built on top of Elsa. It is a port of the older Cqual tool. It takes advantage of the Elsa extension mechanisms to process Cqual++ annotations, traverse the parsed AST, and then generate qualifier constraints that are solved by a general-purpose back end. It has been used to find a number of security bugs in the Linux kernel.
The Graphing Calculator Story
Google engEDU
54 min – Aug 1, 2006
Google TechTalks
August 1, 2006
Ron Avitzur
ABSTRACT
It’s midnight. I’ve been working sixteen hours a day, seven days a week. I’m not being paid. In fact, my project was canceled six months ago, so I’m evading security, sneaking into Apple Computer’s main offices in the heart of Silicon Valley, doing clandestine volunteer work for an eight-billion-dollar corporation.
For more info visit:
http://www.pacifict.com/Story
Gears and the Mashup Problem
Google engEDU
44 min – Sep 20, 2007
Google Tech Talks
September 20, 2007
Mashups are the most interesting innovation in software development in decades. Unfortunately, the browser’s security model did not anticipate this development, so mashups are not safe if there is any confidential information in the page. Since virtually every page has at least some confidential information in it, this is a big problem. Google Gears may lead to the solution.
Speaker: Douglas Crockford
Douglas Crockford is the world’s foremost living authority on JavaScript. He is an architect with Yahoo’s Ajax Strike Force. He is the founder of two startups, and was Director of Technology at Lucasfilm Ltd., Director of New Media at Paramount, and a researcher at Atari and SRI.